How botnets are linked to corporate data breaches

Data breaches that result in the loss of large volumes of information continue to make the headlines. One of the ways companies can guard against attack is by understanding what makes them vulnerable.

Security ratings firm BitSight has analysed the risk factors that make up its BitSight Security Ratings against publicly disclosed data breaches. What emerges from its study is the important role botnets play in attacks.

The report notes that, "Although a botnet compromise may not always equate to data loss, it invariably means that one or many protective controls have failed and that at least some data or system confidentiality, integrity, or availability is at risk."

For each area of risk, BitSight assigns an overall letter grade (A-F) indicating the company's performance relative to others. The grade takes into account factors such as frequency, severity and duration (for events), as well as record quality, evaluated against industry-standard criteria.

The study shows that BitSight botnet grades - which are a component of the top-level security rating - can serve as a key metric in predicting the likelihood of a breach. Among companies with a botnet grade of A, only 1.7 per cent had suffered a breach; for those with a grade of B or lower, the incidence of breaches was more than twice as high, at 3.7 per cent.

Looked at by industry, financial companies are the most likely to have an A botnet grade (74 per cent) and those in the education sector the least likely (23 per cent, with 33 per cent receiving the lowest grade, F). Retail, healthcare and utilities all fall somewhere in between, with around 50 per cent receiving A grades.

The report concludes that, "The implications for organisations across industries are that botnet infections cannot be ignored. Companies with poor botnet grades have been breached far more often than those with good grades, and actions should be taken to mitigate these risks".